Lucene search
Mozilla FoundationMFSA2015-19HistoryFeb 24, 2015 - 12:00 a.m.
Out-of-bounds read and write while rendering SVG content — Mozilla
2015-02-2400:00:00
Mozilla Foundation
www.mozilla.org
22
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.0%
Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to report an out-of-bounds read and an out-of-bounds write when rendering an improperly formatted SVG graphic. This could potentially allow the attacker to read uninitialized memory.
Affected configurations
Node
mozillafirefoxRange<36
ORmozillafirefox_esrRange<31.5
ORmozillafirefox_osRange<2.2
ORmozillaseamonkeyRange<2.33
ORmozillathunderbirdRange<31.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 36 | |
| firefox esr | lt | 31.5 | |
| firefox os | lt | 2.2 | |
| seamonkey | lt | 2.33 | |
| thunderbird | lt | 31.5 |
Related
prion
prion
Heap overflow
2015-02-25 11:59:00
cve
cve
CVE-2015-0827
2015-02-25 11:59:08
cvelist
cvelist
CVE-2015-0827
2015-02-25 11:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-19) - Linux
2021-11-11 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Mar 2015) - Mac OS X
2015-03-03 00:00:00
RedHat Update for firefox RHSA-2015:0265-01
2015-02-25 00:00:00
ubuntucve
ubuntucve
CVE-2015-0827
2015-02-25 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:12:31
nvd
nvd
CVE-2015-0827
2015-02-25 11:59:08
redhat
redhat
(RHSA-2015:0266) Important: thunderbird security update
2015-02-25 00:00:00
(RHSA-2015:0629) Critical: firefox security update
2015-03-05 13:49:00
(RHSA-2015:0642) Important: thunderbird security update
2015-03-05 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2506-1)
2015-03-05 00:00:00
CentOS 5 / 6 : thunderbird (CESA-2015:0266)
2015-02-26 00:00:00
Oracle Linux 6 : thunderbird (ELSA-2015-0266)
2015-02-26 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-03-03 00:00:00
Firefox vulnerabilities
2015-02-25 00:00:00
Firefox regression
2015-03-09 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2015-02-25 00:00:00
firefox security update
2015-02-25 00:00:00
thunderbird security update
2015-03-12 00:00:00
osv
osv
iceweasel - security update
2015-02-25 00:00:00
icedove - security update
2015-03-03 00:00:00
suse
suse
Security update for MozillaThunderbird (important)
2015-03-07 11:04:50
Security update for Mozilla Firefox (important)
2015-03-07 01:05:04
Security update for Mozilla Firefox (important)
2015-03-07 00:04:56
centos
centos
thunderbird security update
2015-02-25 20:08:47
thunderbird security update
2015-03-19 19:31:21
firefox, xulrunner security update
2015-02-25 03:04:39
debian
debian
[SECURITY] [DSA 3174-1] iceweasel security update
2015-02-25 18:52:05
[SECURITY] [DSA 3179-1] icedove security update
2015-03-03 21:37:56
mageia
mageia
Updated firefox and thunderbird packages fix security vulnerabilities
2015-02-26 11:26:53
Updated iceape packages fix security vulnerabilities
2015-04-03 16:11:23
archlinux
archlinux
thunderbird: multiple issues
2015-02-25 00:00:00
firefox: multiple issues
2015-02-25 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-02-24 00:00:00
kaspersky
kaspersky
KLA10464 Multiple vulnerabilities in Mozilla products
2015-02-24 00:00:00
ibm
ibm
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-03-22 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.0%
Related for MFSA2015-19